October 4, 2022

A jury found Argishti Khudaverdyan, a former T-Mobile store owner, guilty of using stolen credentials to unlock “hundreds of thousands of cellphones” between August 2014 and June 2019 (via PCMag). According press release from the Ministry of Justice and an indictment filed earlier this year, Khudaverdyan made about $25 million from the scheme, which also involved bypassing carrier blocks placed on lost or stolen cellphones.

For years, he allegedly used a variety of tactics to obtain T-Mobile employee credentials needed to unlock the phones, including phishing, social engineering, and even asking the carrier’s IT department to reset passwords higher users, giving him access. The DOJ says it accessed more than 50 employee credentials and used them to unlock phones from “Sprint, AT&T and other carriers.”

According to the indictment, Khudaverdyan was able to access T-Mobile’s unlocking tools over the open internet until 2017. After the carrier moved them to its internal network, Khudaverdyan allegedly used stolen credentials to access that network over Wi-Fi -Fi on T-Mobile supply.

The DOJ says Khudaverdyan co-owned a T-Mobile store called Top Tier Solutions Inc for a few months in 2017, though the carrier ended up terminating the store’s contract due to suspicious behavior. (The other co-owner, Alen Gharehbagloo, was also charged with fraud and illegally accessing computer systems and pleaded guilty.) Over the years, the DOJ says Khudaverdyan operated the email unlocking services, brokers and various websites, telling customers they were official T-Mobile unlocks.

Khudaverdyan’s indictment describes some of the purchases he and Gharehbagloo made with the money they got from unlocking the phones. property in California, $32,000; Audemars Piguet Royal Oak watch, and a Land Rover. Gharehbagloo and Khudaverdyan are accused of leasing a Mercedes-Benz S 63 AMG and aFerrari 458, respectively. A Rolex Sky-Dweller was also seized from one of the properties.

Khudaverdyan isn’t the only person who has run afoul of the law on unlocking devices or otherwise circumventing manufacturer-imposed limits. Last year, a man named Muhammad Fahd was sentenced to 12 years in prison for unlocking about 2 million AT&T phones, and a man named Gary Bowser was recently jailed (and fined $10 million) for his role in a company that sold mods for the Nintendo Switch.

In a way, these types of crimes are sympathetic—it’s hard to feel bad for companies that lose revenue they would have gained by limiting what customers can do with their devices. I’m not going to cry because the Justice Department says Khudaverdyan’s unlocks “enabled T-Mobile customers to stop using T-Mobile services and thereby deprive T-Mobile of revenue derived from customer service contracts and equipment installment plans’.

Of course, the fact that such unlocks are illegal means that it’s difficult to perform an unlock program without getting your hands dirty. Tricking T-Mobile employees out of their credentials isn’t great, and neither is potentially unlocking phones for thieves who want to sell them on the black market. But it would be difficult for people like Khudaverdyan or Fahd to create profitable and shady businesses doing this if carriers made it too easy for customers to do it themselves.

Khudaverdyan faces a minimum of two years in prison for aggravated identity theft and up to 165 years for the wire fraud, money laundering and unauthorized computer access charges. A sentencing hearing is scheduled for October 17.

Source link

Leave a Reply

Your email address will not be published.